<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Researchers at the security firm LayerX uncovered a critical vulnerability in Claude Desktop Extensions that could enable RCE with no interaction β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/aNxVbbFChjAdszalB0usHc1mmEplVonVN94F_19eUFs=444" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/vpo0I88Kq3If0UoRt-YDyus-vAOVn3XDfYuVn2Q12Vk=444" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=44af9b6c-072d-11f1-8dcf-4b81c05989df%26pt=campaign%26t=1770818804%26s=7f04aae112bfb8c7e413741d014cb6c67638be852c79c1f7acf7ab96fe5ab440/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/K7t7A0Msz5rdq4RvHNDh4G_WTwflqzZI4mQJiEOFbBM=444"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fzeropath.com%2Fdemo%3Futm_source=tldr_newsletter%26utm_campaign=2026/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/5x2w82LeVV4xeFLwnIpGJt4DWnmevwYWD25KICArgSs=444"><img src="https://images.tldr.tech/zeropath.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Zeropath"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-02-11</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fzeropath.com%2Fdemo%3Futm_source=tldr_newsletter%26utm_campaign=2026/2/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/AHn_RFEN9Z4zRD6T-wmBEJgu74Uh6G33gSUW9ujEk6s=444">
<span>
<strong>Find the risks hidden in your codebase that other security tools miss (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Engineering and security teams often rely on tools that reveal only a narrow slice of what is happening inside their software. The deeper risks in modern code such as logic failures, unexpected execution paths, and behavioral deviations from intent rarely appear without more advanced analysis.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fzeropath.com%2Fdemo%3Futm_source=tldr_newsletter%26utm_campaign=2026/3/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/XR57wf6DRSrZFyYon75ZaiT9kpsJaTP4M62ffnSTmh0=444" rel="noopener noreferrer nofollow" target="_blank"><span>ZeroPath</span></a> brings these issues into view by examining real application behavior and exposing problems that conventional approaches miss. The result is a clearer and more confident understanding of actual risk and a faster path to meaningful remediation. You can <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fzeropath.com%2Fdemo%3Futm_source=tldr_newsletter%26utm_campaign=2026/4/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/gYOqbsEaXAeyCodquBRIgym3eSh5VzV1i3p6O1xojao=444" rel="noopener noreferrer nofollow" target="_blank"><span>run ZeroPath on your own repositories in minutes</span></a> to see what it uncovers for your team.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fzeropath.com%2Fdemo%3Futm_source=tldr_newsletter%26utm_campaign=2026/5/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/NJdzhdir-DrGPJOagD6nOPfJLDoLTRQaxxl3SsrVSRQ=444" rel="noopener noreferrer nofollow" target="_blank"><span>Book a demo</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farcticwolf.com%2Fresources%2Fblog%2Fcve-2026-21643%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/K6w9SOqZPfs_Y20IDHG1Qe2t3mc8VgiExDPX_KixDDM=444">
<span>
<strong>CVE-2026-21643: Critical SQL Injection in FortiClientEMS (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Fortinet has patched CVE-2026-21643, a critical SQL injection vulnerability in the FortiClientEMS GUI that allows unauthenticated remote attackers to execute arbitrary code or commands by improperly neutralizing special characters in SQL queries. The flaw affects FortiClientEMS version 7.4.4. Version 7.4.5 was released as a fix. Versions 7.2 and 8.0 are unaffected. While no exploitation in the wild or public proof-of-concept has been observed yet, organizations should patch urgently, given Fortinet's history as a heavily targeted vendor per CISA's Known Exploited Vulnerabilities Catalog.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fhackers-global-group-ransomware-offline-phishing-emails%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/No1Fg7u6lXpWtf6lNgHI1iTYC7uz8BVCo9tMzF2kLdE=444">
<span>
<strong>Hackers Deliver Global Group Ransomware Offline via Phishing Emails (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Forcepoint X-Labs discovered the Phorpiex botnet delivering Global Group ransomware, a Mamona successor, via phishing emails containing .lnk files disguised as documents. It leverages living-off-the-land techniques using PowerShell and Command Prompt for payload delivery. The ransomware operates in a mute mode that generates encryption keys locally with ChaCha20-Poly1305 instead of contacting a C2 server, allowing it to encrypt files on offline machines and evade network-based detection. After encryption, the malware self-deletes, destroys Volume Shadow Copies, and appends a .reco extension to locked files, leaving minimal forensic artifacts.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberpress.org%2Fclaude-desktop-extensions-zero-click-rce-flaw%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/XryE9eRnyGMfZzxBceAtkL3u-_v2R1pDQI5RnSHolwA=444">
<span>
<strong>Claude Desktop Extensions Zero-Click RCE Exposes Over 10K Users to Silent Attacks (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Researchers at the security firm LayerX uncovered a critical (CVSS 10/10) vulnerability in Claude Desktop Extensions (DXT) that could enable remote code execution (RCE) with no user interaction. In the proof-of-concept disclosed by LayerX, an attacker would send the victim a Google Calendar invite containing malicious instructions in the event description. The victim would then, at some point, ask Claude to manage their calendar or check events, and the malicious instructions would be executed. This vulnerability is enabled by the fact that Claude DXT intentionally runs without any isolation.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fneosmart.net%2Fblog%2Frecreating-epstein-pdfs-from-raw-encoded-attachments%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/aTsCmz70yOvcjUkgNn_m1DKoy6COEzczFUlK0wqspuc=444">
<span>
<strong>Recreating uncensored Epstein PDFs from raw encoded attachments (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A security researcher discovered that the DoJ's latest Epstein document dump inadvertently included unredacted email attachments as raw base64-encoded content β left uncensored because the assigned intern didn't recognize the significance of pages of encoded data embedded in printed-and-scanned emails. Reconstructing the original PDFs proved extremely difficult due to poor OCR quality on Courier New font rendering (where "1" and "l" are nearly indistinguishable), with multiple commercial and open-source OCR tools failing until a community-developed pixel-level template-matching approach achieved 99.96% line accuracy and successfully decompressed 39 of 40 FlateDecode streams. The incident highlights how encoding artifacts and document processing pipelines can inadvertently preserve sensitive content that redaction workflows miss, and serves as a cautionary tale for forensic document handling and redaction verification processes.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.blog%2Fsecurity%2Fvulnerability-research%2Fbugs-that-survive-the-heat-of-continuous-fuzzing%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/oJGA0xFo9md9no_nOVABqLcyRSOa65EMVBLHHqjTBns=444">
<span>
<strong>Bugs That Survive the Heat of Continuous Fuzzing (17 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Open source maintainers can enroll their projects in OSS-Fuzz continuous fuzzing at no cost. While this process has detected many new bugs, the author of this post discovered new bugs in popular projects due to limited coverage, insufficient coverage of external dependencies, and insufficient fuzzing coverage of encoding functions. The author recommends a five step fuzzing process: prepare the code, iteratively increase code coverage to ideally above 90%, improve context-sensitive coverage which relies upon state that a fuzzer may not naturally reach, employ value coverage to discover bugs that the fuzzer's inputs may be missing, and finally try to hone in on difficult to detect bugs such as those requiring large inputs or longer amounts of time.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.sysdig.com%2Fblog%2Fai-assisted-cloud-intrusion-achieves-admin-access-in-8-minutes%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/SXI7ZI3buzJpDbnP0Y0kNxGQJH1_C9UGUVdGh-V6JhM=444">
<span>
<strong>AI-Assisted Cloud Intrusion Achieves Admin Access in 8 Minutes (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
In November 2025, the Sysdig Threat Research Team (TRT) detected an account compromise that was notable for the attacker's 8-minute progression from initial access to administrative privileges, using LLM assistance. The attacker gained initial access through credentials discovered in a public S3 bucket. They then used these credentials to replace the Lambda function code to escalate privileges, move laterally across 19 different principals, and finally harvest sensitive data. They also used Bedrock to access cloud-hosted LLMs and launch GPU instances for model training. The article includes mitigation recommendations for each step in the attacker's exploit chain.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdepthfirst.com%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=2026Q1_newsletter_TLDRInfoSec%26utm_content=secondary_placement%26utm_term=demo_request/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/YLtsi9cCfibeOaxq3CQh_epYSBq11VoOwTNhO_EP99s=444">
<span>
<strong>depthfirst achieves 85% fewer false positives and 8x higher recall on AI security benchmarks (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
AI lets developers ship in seconds, and now security can move just as fast. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdepthfirst.com%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=2026Q1_newsletter_TLDRInfoSec%26utm_content=secondary_placement%26utm_term=demo_request/2/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/h4Y_KKRmJ48hA9oFtX4BGBplfCtqcvSLujSneG9RGX8=444" rel="noopener noreferrer nofollow" target="_blank"><span>depthfirst</span></a> understands your code, business logic, and infrastructure to trace full attack paths, validate what's actually exploitable, and tell your devs exactly how to fix it. Trusted by Lovable, Supabase, Moveworks, and Persona. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdepthfirst.com%2Fbook-a-demo%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=2026Q1_newsletter_TLDRInfoSec%26utm_content=secondary_placement%26utm_term=demo_request/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/fb4bUzdTOH5qx0IBM-9lg1GgeqcQqkShNrVEZHvDxZc=444" rel="noopener noreferrer nofollow" target="_blank"><span>Book a demo and try it for free.</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.praetorian.com%2Fblog%2Fintroducing-augustus-open-source-llm-prompt-injection%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/YP4OSsSgdY0zVtsSFeDlhqnMPD9elc1pEf0za84tjPM=444">
<span>
<strong>Introducing Augustus: Open Source LLM Prompt Injection Tool (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Augustus is an open-source Go-based LLM vulnerability scanner that tests models against 210+ adversarial attacks across 47 categories, including jailbreaks, prompt injection, encoding exploits, data extraction, and agent manipulation, shipping as a single binary with support for 28 LLM providers. Inspired by NVIDIA's garak but reimplemented in Go for faster execution and zero runtime dependencies, Augustus features a pipeline architecture with composable probes, buff transformations (encoding, paraphrase, poetry, and low-resource language translation), and 90+ detectors, including LLM-as-a-judge and HarmJudge. The tool is part of Praetorian's "The 12 Caesars" campaign.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsaturnine.cc%2Fklint%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/Cwyp7qYWT6GaD-7vqwOB7LZQV9eImDvB1I_QTCUmf9I=444">
<span>
<strong>Klint (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Klint is a single-binary, zero-dependency incident response scanner written in C++23 that detects hidden kernel modules, rootkits, compromised syscall tables, and eBPF-based persistence mechanisms across 8 self-registering scanners. The tool cross-references multiple kernel data sources β including /proc/kcore, /proc/kallsyms, MSRs, and cgroup task files β to identify inconsistencies indicative of tampering, with structured JSON output and meaningful exit codes designed for CI pipeline integration. Builds as a fully static binary for rapid deployment via SCP into compromised environments during live incident response.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fstrongdm%2Fleash%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/94WBHhyDH4YXCMSAsBQL59ic85xXoDSareBDp5Z2pX4=444">
<span>
<strong>Leash (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Leash wraps AI coding agents in containers, monitors their activity, and enforces custom Cedar policies instantly.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fhackers-signal-qr-codes-spy-on-military-political-leaders%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/BGW2Kxu79-BPXC2kaDqAx_DFDdMqVIfhVHd-2-Zafl0=444">
<span>
<strong>Hackers Use Signal QR Codes to Spy on Military and Political Leaders (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Germany's BSI and BfV warned that state-backed hackers are targeting military leaders, diplomats, and journalists across Europe by abusing Signal's legitimate features β impersonating Signal Security Support to steal PINs and hijack accounts, or tricking targets into scanning QR codes that silently link attacker devices with access to 45 days of chat history. The campaigns rely entirely on social engineering rather than exploits, making them difficult to detect through traditional security tooling. Users should enable Registration Lock, audit linked devices regularly, and treat any unsolicited messages requesting verification codes as malicious.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F02%2F09%2Fhacktivist-scrapes-over-500000-stalkerware-customers-payment-records%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/vZYj__l7V97XU874SB95jnno-5HV6kfCnaQ99JZbfUI=444">
<span>
<strong>Hacktivist Scrapes Over 500K Stalkerware Customers' Payment Records (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A hacktivist going by the name wikkid has scraped and released over 500K customer records from stalkerware services provided by a Ukrainian company called Struktura. The scraped data includes customer email addresses, which app or brand the customer paid for, how much they paid, the payment type, and the last four digits of credit card numbers. The hacktivist stated that they exploited a βtrivial bugβ in the service's website.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F9to5mac.com%2F2026%2F02%2F09%2Fdiscord-will-soon-require-face-scans-or-id-for-all-users-or-restrict-access%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/UZKLD-LyyxO2YOWTznZp3aGwDqhPeHNeUAAelNobtKc=444">
<span>
<strong>Discord Will Soon Require Face Scans or ID for All Users or Restrict Access (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Discord has announced that beginning in early March, users will need to verify their age via a selfie or government ID. Users' accounts will be set to teen accounts by default until they perform the verification. Discord states that the selfie processing will happen locally on users' devices, that government IDs will be deleted by their third-party processors βquickly,β and that age verification status will not be visible on users' profiles.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fauditboard.com%2Finfoseccompliancenow%3Futm_campaign=infosec-compliance-now-2026-02%26utm_medium=display%26utm_source=tldr-compliance%26utm_content=02-11-25/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/k3Zedc0CsbfpzkxsjLXxGQJQOlmQ5bOkDZpzKDWQGCU=444">
<span>
<strong>Earn up to 4 free CPE credits at Infosec Compliance Now 2026 [half day, virtual] (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
AuditBoard's free virtual event features risk experts from EY, Kimberly-Clark, and OpenAI. Get up to 4 free CPE credits as you learn practical cybersecurity skills and frameworks. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fauditboard.com%2Finfoseccompliancenow%3Futm_campaign=infosec-compliance-now-2026-02%26utm_medium=display%26utm_source=tldr-compliance%26utm_content=02-11-25/2/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/p9jZhMnEefkbEsZSVIYZKPPWVBtEFrvK69uKywWYQvE=444" rel="noopener noreferrer nofollow" target="_blank"><span>Register now</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmen-charged-in-massive-fanduel-fraud-scheme-fueled-by-thousands-of-stolen-identities%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/-7uGPkWHQZvvrsxr9s8I74965BXYyLvDlb7q-0ObTys=444">
<span>
<strong>Men charged in FanDuel scheme fueled by thousands of stolen identities (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Two Connecticut men were indicted on 45 federal counts for allegedly using ~3,000 stolen identities purchased from darknet markets to create fraudulent accounts on FanDuel, DraftKings, and BetMGM, exploiting new-user promotional bonuses to steal $3 million over five years.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fnmohnblatt.me%2Fllms-review-cryptography%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/niCki1NvL5G-H_70tiIz1-ybbG0xJXexJJnkOI0YVkw=444">
<span>
<strong>When LLMs Review Cryptography Papers (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Google Research used Gemini's iterative self-correction prompting to discover a bug in a cryptography paper on SNARGs for NP from LWE that human reviewers had missed, highlighting LLMs' growing potential as adversarial reviewers in academic research and security audits.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fmicrosoft%2Fmicrosoft-announces-new-mobile-style-windows-security-controls%2F%3Futm_source=tldrinfosec/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/9VWFT__OTVqc79tP5a0JcB7KB-JwcyNPPMF46bNWZiU=444">
<span>
<strong>Microsoft announces new mobile-style Windows security controls (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Microsoft announced smartphone-style app permission prompts and a "Windows Baseline Security Mode" for Windows 11.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/-8SiwyoonY89jKysPNV8L162nixdzX2gv4fu8NsE_ms=444" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/qvDcNib35GbdVWW2ZRAI5oMHjoo91eZsPR_slsuHtDE=444" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/ieuyocnwmqZyggeVjCAOeMUMQ_NUjUJoiX_N0nSjZ18=444"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/07CCliUHdhfcwNKU5DIfwEQ4_JsOqOnfOr26EYZz4Vc=444" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/O3jNnyk1f-_gUZBlH3zKjhp4oYQ9hGPImoGuFWfYTpE=444" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/uSvp6knjMFI1tlJkeqCaH5OFIrH9RE9W59ue8-YClg4=444" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/qliLyncY2iBzxYcLc7zqRFq3L7W2ZVgIHu8AWsTRzC4=444"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/wln5DlmE4RWIsax6XaYgRxIDpELeX2o_UUCjIIlk2Sg=444"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/vQj3teDrm7bJJNjyQxSINs5JNtWoKCdOHAn9QZCs5GA=444"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/SwcktuIgE8e6fS5alxbYIlmFKS1v0dHJtesEWPnZTjg=444">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=44af9b6c-072d-11f1-8dcf-4b81c05989df%26pt=campaign%26pv=4%26spa=1770818490%26t=1770818804%26s=19e8d3c3fcc1ce0750beb4ece4a13c62e928be7c1adbd6fbec88344fc98c5a98/1/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/77fHMDe-VVc0pAHlsXyFzj9Z-gcLllmIhjlWYRDTGSo=444">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019c4d069a51-ab4b3fed-b532-415d-b28b-76c118a58def-000000/eDX_fNeCoQzJbUUCwZH5IP4SeIqF2JBv-JoFaSOFPWg=444" style="display: none; width: 1px; height: 1px;">
</body></html>